From 2d200d1ff91cd6c63fbf8c656b363f6e818d3b7f Mon Sep 17 00:00:00 2001 From: Christopher Ng Date: Wed, 2 Oct 2024 11:24:06 -0700 Subject: [PATCH] fix: Return correct list of managers for a user Signed-off-by: Christopher Ng --- lib/private/User/User.php | 38 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/lib/private/User/User.php b/lib/private/User/User.php index f2c388253381f..8b5cc862afb0c 100644 --- a/lib/private/User/User.php +++ b/lib/private/User/User.php @@ -17,12 +17,16 @@ use OCP\EventDispatcher\IEventDispatcher; use OCP\Group\Events\BeforeUserRemovedEvent; use OCP\Group\Events\UserRemovedEvent; +use OCP\Group\ISubAdmin; use OCP\IAvatarManager; use OCP\IConfig; +use OCP\IGroupManager; use OCP\IImage; use OCP\IURLGenerator; use OCP\IUser; use OCP\IUserBackend; +use OCP\IUserManager; +use OCP\IUserSession; use OCP\Notification\IManager as INotificationManager; use OCP\User\Backend\IGetHomeBackend; use OCP\User\Backend\IPasswordHashBackend; @@ -78,6 +82,18 @@ class User implements IUser { /** @var IURLGenerator */ private $urlGenerator; + /** @var IUserSession */ + private $userSession; + + /** @var IUserManager */ + private $userManager; + + /** @var ISubAdmin */ + private $subAdminManager; + + /** @var IGroupManager */ + private $groupManager; + public function __construct(string $uid, ?UserInterface $backend, IEventDispatcher $dispatcher, $emitter = null, ?IConfig $config = null, $urlGenerator = null) { $this->uid = $uid; $this->backend = $backend; @@ -91,6 +107,10 @@ public function __construct(string $uid, ?UserInterface $backend, IEventDispatch $this->urlGenerator = \OC::$server->getURLGenerator(); } $this->dispatcher = $dispatcher; + $this->userSession = \OCP\Server::get(IUserSession::class); + $this->userManager = \OCP\Server::get(IUserManager::class); + $this->subAdminManager = \OCP\Server::get(ISubAdmin::class); + $this->groupManager = \OCP\Server::get(IGroupManager::class); } /** @@ -536,13 +556,27 @@ public function setQuota($quota) { } public function getManagerUids(): array { + $user = $this->userSession->getUser(); + if (!($user instanceof IUser)) { + return []; + } $encodedUids = $this->config->getUserValue( $this->uid, 'settings', self::CONFIG_KEY_MANAGERS, - '[]' + '[]', ); - return json_decode($encodedUids, false, 512, JSON_THROW_ON_ERROR); + /** @var string[] $managerUids */ + $managerUids = json_decode($encodedUids, false, 512, JSON_THROW_ON_ERROR); + $userId = $user->getUID(); + if ($this->groupManager->isAdmin($userId) || $this->groupManager->isDelegatedAdmin($userId)) { + return $managerUids; + } + $accessibleManagers = array_values(array_filter( + $managerUids, + fn (string $managerUid) => $this->subAdminManager->isUserAccessible($user, $this->userManager->get($managerUid)), + )); + return $accessibleManagers; } public function setManagerUids(array $uids): void {